﻿using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

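/// <summary>
/// Login user control: checks the submitted e-mail/password against the
/// <c>nguoidung</c> table and, on success, stores the user's identity and role
/// in session state.
/// </summary>
/// <remarks>
/// Security notes for maintainers:
/// <list type="bullet">
/// <item>The query compares the submitted password directly with the
/// <c>MatKhau</c> column, so that column must hold the password in a directly
/// comparable form. Prefer storing a salted, slow hash (for example
/// <c>Rfc2898DeriveBytes</c>) and verifying it in code after looking the row up
/// by e-mail only.</item>
/// <item>The session identifier is not renewed on login, which leaves room for
/// session fixation. Issue a fresh session id when authentication succeeds.</item>
/// <item>Nothing in this control throttles or locks out repeated failed
/// attempts; confirm that is handled elsewhere.</item>
/// </list>
/// </remarks>
public partial class UserControls_dangnhap : System.Web.UI.UserControl
{
    /// <summary>
    /// Shows the login form only while no user is recorded in the session.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Session["EMAIL"] is written only by a successful login below.
        this.Visible = (string)Session["EMAIL"] == null;
    }

    /// <summary>
    /// Handles the login button: validates that both fields are filled in, looks
    /// the credentials up in the database and populates the session on success.
    /// Users whose role (<c>QUYENHAN</c>) equals 1 are redirected to Admin.aspx.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void but_dangnhap_Click(object sender, EventArgs e)
    {
        if (string.IsNullOrEmpty(th_matkhau.Text) || string.IsNullOrEmpty(th_email.Text))
        {
            loi.Text = "Bạn Chưa Nhập Email Hoặc Mật Khẩu";
            loi.Visible = true;
            return;
        }

        string user = th_email.Text;
        string pass = th_matkhau.Text;

        // NOTE(review): the connection string is hard-coded; moving it to the
        // <connectionStrings> section of web.config keeps environment details
        // out of source and lets it be protected/rotated per deployment.
        string connectionString = "Data Source=.;DataBase=BANSACHTRUCTUYEN;Integrated Security=True;Pooling=False";

        // Parameterized query: user input never becomes part of the SQL text.
        string sql = "select * from nguoidung where EMAIL=@user and MatKhau=@pass";

        const int adminRole = 1;

        bool authenticated = false;
        int role = 0;
        string userId = null;

        // 'using' guarantees the reader, command and connection are released even
        // when a cast or the query throws. The original closed the connection
        // only on the fall-through path, so an exception or the redirect skipped it.
        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand command = new SqlCommand(sql, connection))
        {
            command.Parameters.Add("@user", SqlDbType.NVarChar).Value = user;
            command.Parameters.Add("@pass", SqlDbType.NVarChar).Value = pass;

            connection.Open();
            using (SqlDataReader reader = command.ExecuteReader())
            {
                if (reader.Read())
                {
                    // Read every column into locals first. If a cast fails (for
                    // example a NULL column), nothing has been written to the
                    // session yet, so the visitor is not left half-logged-in
                    // with only Session["EMAIL"] set.
                    role = (int)reader["QUYENHAN"];
                    userId = (string)reader["ID_NGUOIDUNG"];
                    authenticated = true;
                }
            }
        }

        if (!authenticated)
        {
            // Same message whether the e-mail or the password was wrong, so the
            // response does not reveal which accounts exist.
            loi.Text = "Đăng Nhập Không Thành Công";
            loi.Visible = true;
            return;
        }

        // Login succeeded: record identity and role for the rest of the site.
        Session["EMAIL"] = user;
        Session["QUYENHAN"] = role;
        Session["ID_NGUOIDUNG"] = userId;

        // The redirect is navigation only, not access control.
        // NOTE(review): Admin.aspx must check Session["QUYENHAN"] itself on
        // every request - confirm, since it is not visible from this file.
        if (role == adminRole)
        {
            Response.Redirect("Admin.aspx");
        }
    }
}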
